[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] BIND vulnerability

Subject: RE: [cobalt-users] BIND vulnerability
From: Reinoud van Leeuwen <rvanleeuwen@xxxxxxxxxxxx>
Date: Tue Jan 30 07:00:32 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

> -----Original Message-----
> From: cobalt-users-admin@xxxxxxxxxxxxxxx
> [mailto:cobalt-users-admin@xxxxxxxxxxxxxxx]On Behalf Of Dom Latter
> Sent: Tuesday, January 30, 2001 3:09 PM
> To: cobalt-users@xxxxxxxxxxxxxxx
> Subject: RE: [cobalt-users] BIND vulnerability
> 
> 
> > How do I check my Raq2 running redhat 2.0 for the BIND 
> > version and 
> 
> "locate bind | less" on my Qube brings up 
> /home/packages/bind-4.9.5p1-3.mips.rpm
> for example.
> 
> NB that the process is called "named" : try 
> "ps aux | grep named".
> then "which named" to see which one you're running. 
> 
> Then "strings /usr/sbin/named | grep 4.9" which 
> rather looks like it's actually 4.9.7.
> 
> > how do I update it?
> 
> Wait for Cobalt to release a patch, wait for them 
> to withdraw it, wait for them to re-release it 
> once they've fixed the bugs?
> 
> But seriously, I'd say that us MIPSen are at less  
> risk of compromise than the Intel users.

See http://www.isc.org/products/BIND/bind-security.html There is a matrix of
which versions of Bind have which bugs. There is *nowhere* any reference to
the used platform (Intel of MIPS), so I think *everybody* should upgrade as
fast as possible.

Seriously, I think we can expect a lot of exploits on older Bind versions
soon....

Prev by Date: [cobalt-users] How to read/delete mailboxes in the spool ?
Next by Date: Re: [cobalt-users] ftp home directory
Previous by thread: Re: [cobalt-users] RAQ3 and OS4 problem with mail
Next by thread: RE: [cobalt-users] BIND vulnerability

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index